Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
213
Views
0
Helpful
1
Replies

HSRP and NAT

mjbriggs
Level 1
Level 1

‎07-01-2002 08:54 AM - edited ‎03-01-2019 11:17 PM

When installing two routers running HSRP and NAT should you use the same NAT pool on both routers or create unique pools for both routers ? I have tested two routers both with the same NAT pools configured and could not find any technical problems but I am a little worried about security issues ie. session hijack etc .

Labels:
0 Helpful
1 Reply 1

Erick Bergquist
Level 6
Level 6

‎07-01-2002 02:19 PM

HSRP and NAT are seperate technologies and don't interact with one another.

Without having more details on your NAT configuration (outside interfaces, etc) I can only speculate on some possible issues. If the LAN interfaces with HSRP are the outside interface for NAT then if you have the same NAT pool defined on both routers it is feasible for both routers to translate traffic to the same IP causing a duplicate IP address condition.

For dynamic translations, session highjacking would be more difficult since the other router is probably going to be using a different translated address/port then the other router. If you're worried about security, then use IOS security features (CBAC, access-lists, etc).

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card